Hello,
we are using rsync mostly exclusively for packup purpose in "pull mode"
, run via script from a central backup server.
for that, we typically have allowed remote root login via ssh key.
rsync from the backup server pulls data from all hosts to be backed up
via ssh/rsync remote pipe.
it's running great for years in conjunction with zfs + inplace +
rotating snapshots.
besides the fact that we can use ssh security features to restrict what
commands can be run from remote - i am curious:
wouldn't it be an interesting idea to have some feature/switch in rsync,
which can globally (on a per host basis) turn rsync into "read-only" mode,
i.e. which makes rsync binary drop any capability of using
write/modify/delete syscalls ? maybe via some hard-coded
/etc/rsync.conf , checked on startup ?
does this sound reasonable and wold someone find this useful , too ?
regards
roland
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
